Posted
by
Cliff
on Tuesday December 28, 1999 @01:09PM
from the suggestions-anyone dept.

Shawn wrote in asking for suggestions on high-end Linux Workstation configurations for the US Army. Aparently, they are looking at replacing some SGIs with cheaper PCs, and this being Slashdot, I'm sure some of you might be able to make some improvements to their suggested configuration. I can't tell you how glad I am to see the US Army giving Linux a chance. The US Navy could probably learn a thing or two from this. Click below for the full text.

Shawn asks: "The US Army is looking for advice on purchasing several high-end Linux workstations. These systems will be used in a post-flight processing environment. We routinely process raw data measurements in excess of 1 million samples/second. This processing can utilize several GB of disk space and up to and exceeding 1GB of RAM. We are currently using SGI Octane systems but need to switch to the lower cost PC environment. This will allow less costly while still providing excellent performance. Let us know any advice you may have or insights we may not have thought of.

And personally, I LOVE this sucker. Nice and open, even with tons of stuff in it, and it can take about 5 extra fans. Oh, and the Mo-Bo tray slides out with all the expansion cards in place with 4 screws removed.

I am really impressed at the configuration. However I was just wondering

1. Why not an SMP with Dual or Quad CPU when one is going to such lenghts ? 2. How about a TV Tuner cards... linux supports a lot of those now a days..... for those moments when working-on-a-high-end-pc becomes too boring. 3. Last not least, won't it be better to have a RAID of 3 or more instead of two simple disc drives ?

NEway... I'm not the one who is spending... so all I can do is give "FREE" suggessions here.

If you're really looking for speed, why not try a 64-bit processor? Alphas or Sparcs, both are very fast, especially Alphas. They run linux well, and are fairly stable. The only disadvantage is you would have to port the code by making sure that it's 64-bit clean.

They don't need help with *Linux* per se, they need help with Redhat's Distribution of Linux. Offering help is interesting here when you think about it. Don't companies charge big bucks for this advice? Further, don't they make a living by providing this advice and support? Are we stealing business from our consulting brothers?;-)

But seriously, while I'm a RedHat fan, I wonder if the request would have been more appropriate if they were looking for *general* Linux advice.

Some of those Sound Blaster 128's do not work because of randomly changing codec chips... I have an es1370 (also Creative,very similar to SB 128). The SB Live card has Creative's official blessing in the form of open source drivers from the manufacturer. Also, I like the DEC Tulip based cards; Bay and Linksys both make one. 3Com also charges 2x what their competitors charge due to name recognition. Otherwise, this system looks awesome.

I thought this was a processor-intensive operation! What are you doing with a Microsoft Intellimouse on Linux? Why not use onboard video if all you're doing is anaylsis? Why the DVD? Do you want to watch movies during anaylsis? And why two USB ports?

Their mission is to protect your right to say what you just said. Their mission is to protect the American Idea, and the American way of life. Their mission is to sacrifice their own life for an idea that they believe is larger than they as individuals are. Their mission is something that is simply beyond your comprehension. You don't have to understand it, but you should respect it. And if killing is required, I don't have an issue with that. It's simply the way of the world.

Those are all fine components, but I think it's way too specific if you're not building it yourselves. Call your favorite Linux system vendor (VA? Dell? Penguin?) and say, "I'd like a bunch of kick-a** desktops for such-and-such sort of data analysis - what do you suggest?" Maybe procurement requirements won't let you do that, in which case I think they're broken (surprise, surprise).

ok, ok, i know, blatant apple plug, but have you thought about the G4? Other then ports and drives that you can add, it somewhat looks like that could do it for ya.Once they get LinuxPPC altivec optimized... *drool*.

Just dont forget about that Apples thinking that you can only run MacOS on it, you dont need x86 for everything you know =)

The US military is in the business of invading foreign nations and imposing their rules on the rest of world. The military are the thugs who backup the politicians who come up with grand philosphical reasons to extend the scope of control of the US economy to include the entire world.

While I can't disrespect these boys who are eager to "play guns" for real, they do little worthy of respect.

Americans are hated all over the world, almost universally. Why? Because they've bomed more countries than anyone else since WWII, and because they've got soldiers on the soil of soveriegn nations. Your saying American soldiers are "just following orders." Now where have I heard that before?

I'd suggest either an Intel EtherExpress Pro or a card based on the DEC Tulip chipset instead of the 3c905 card... The Linux drivers for either of those seem to be better done (especially with SMP, though this is probably fixed now) than the 3com driver.

A nice setup, but here's a couple of suggestions: * Was that two processors you were considering? Perhaps push it to four. * Consider getting a redundant RAID array if this is going to hold terribly important data. * Make sure there's no chance of this system getting overheated. Don't spare the cooling fans. And get one of those temperature LCDs/warning alarms that mounts onto a 5.25" bay. * Redhat is great, but also consider SuSe 6.3, in Best Buy for about $25. Lots of great stuff on those CD ROMs.

Sometimes this kind of stuff just irks me - how clueless are people anyway??

This is a DATA PROCESSING machine. You do NOT need a 128bit sound card plus massive speakers. If any kind of sound is going to come out of this thing, an average SB16 or AWE32 is more than adequate.

You also do NOT need a Viper 770 video card. What the heck are you going to display on your screen that you would need 32 Mb of video RAM for?? Just an ordinary video will do - 8Mb at the most. This is X-Windows, not Quake.

No need to specify UltraDMA66 controllers if the only thing you're going to hang off it is a DVD drive.

The Athalons will still give you a few percent higher performance on math than the PIIIs, you may want to go with that instead - though you may not have much pick of motherboards.

Everything looks pretty tasty but currently thedriver for the TNT2 chipset doesn't perform very well. The situation is being worked on.Right now 3dfx chipsets have the best support but are pretty much maxed out potential wise. I would suggest looking at Matrox G400 instead.Matrox has been very good about releasing specs and the current driver outperforms the TNT2 in terms of framerate by a considerable amount.

as for cpus: my guess is price, basically bang for buck under linux, even though it doesn't look like that at first glance. support for multi-cpus under linux is wanning[sp], and threaded application support is too.

tv card would be cool, i want one !

what are they gonna use that sb 128 for? doesnt really sound liek they would need something that high end, not really high end but real damn expensive;).

When was the last time the US military came out and defended you from an invading force?

Unknown. When was the last time anyone tried to shoot the President? Long time? Secret Service must be obsolete, too.

Point is, the Army is a preventative (ideally) AND curative (sometimes) measure.

How often do they kill people, not involved in forces invading the US, each year?

I don't understand the question. Are you saying you care about the freedom of only those people with the good fortune of having been born a US citizen?,br> It's pretty clear. They are in the business of killing people.

What do you suggest we do with a tyrant? Explain how nice freedom is and hope he understands?---

Forget the P3's and go with Athlons. As for the LS120, be careful with them. The power supply pins are VERY fragile. I went to use mine after like 6-8 months of not paying attention to it, and lo and behold it wasn't working because the pins all broke off.:)

By the way, where are all the SMP Athlons? A year ago everyone was saying "by the end of 1999," but I see none. Going from a K6-2/450 to Athlon/550 nearly halved the time to compile things. I can't wait to reap the benefits of two of these suckers.

In my experience, mixing IDE and SCSI devices causes a performance hit on the SCSI side. In fact, I've seen a noticeable increase in the performance of a good UltraII SCSI chain by disabling the on-board IDE controller.

It's difficult to say what needs to be changed when I'm not entirely sure what the specific application setting is for this piece of equipment.

If it is specialized, I would recommend a simple window manager such as BlackBox or IceWM. There is no need to burden your system with unnecessary tools and applications. If, on the other hand, it is going to be a user friendly system, I'd have to recommend using KDE or GNOME, giving preference to your personal aesthetics. The added complexity of GNOME or KDE should be justified.

In terms of hardware, I must point out that USB support will not be available until kernel 2.4, IIRC, but that will be arriving soon. Also included will be firewire support, again IIRC, which should encourage you to investigate using that as a possible alternative to SCSI. Again, it is application dependent, and also subject to some personal preference.

In terms of video, the Diamond Viper is a bit of overkill if you'll be using BlackBox or IceWM, and you could save yourself a bit of money by getting something a bit less hefty, and possibly including TV support, such as the ATI Rage128. Since the TNT2 chipset is being backed by NVidia under Linux, it is a decent choice, IMHO.

With respect to the processor of choice, I see no real reason not to get an AMD instead of an Intel if the price is right and the speed is sensible. Alternatively, with Linux, you can go completely Alpha, or Sparc (although I would avoid Sparc, but that's a personal aesthetic thing), and not have to really worry about interoperability with other platforms given the nature of Linux.

Kent: Tonight, on "Eye on Springfield": just miles from your doorstep, hundreds of men are given weapons and trained to kill. The government calls it the "army", but a more alarmist name would be -- "The Killbot Factory." ---- Always cracks me up when I see that one.

calling the pres a prick is a bit harsh, and offtopic don't you believe.

BTW, after watching him on cspan on economic matters, im convinced at what a smart man we have runnning our country, even with obvious faults and problems like us all . thats why im worried about GW Bush, he never comes off as a intelligent man.

I have to second the suggestion. DEC Tulip cards perform the best of any ethernet card I have run across. (at least in a single processor board) I can't really comment on the SMP troubles of the 905, though I can tell you I gleefully swapped four of them out for cheap Tulip cards and got a 15% throughput increase.

They didn't actually ask for help with Redhat. They just said that they're considering it. And I think it's good that they did too. I, for one, hate it when people ask for advice with their linux problems but neglect to tell me exactly what is going on. Imagine if some newbie was having trouble with splat and forgot to mention that he was running Redhat. Doh!

4. On the other machines, boot from a linux boot disk, partition the hard drive, pop the master image CD in the CDROM drive, untar the master image file onto the hard drive. Run lilo to make the hard disk bootable.

SMP is a good idea, if your application is calculation-intensive. If it is merely I/O intensive, then you have another ballgame.

RAID is a good idea for I/O heavy traffic, when that traffic exceeds the capability of a single disk. Caching is an option, but we're looking at a constant stream of new information, rather than reusing existing information. Thus you want a pipeline which can deliver data to the final medium (disk) quickly without eating up additional CPU cycles or unnecessary I/O bandwidth.

RAID-0 is a good choice in this case, with a hardware-based controller and 4 or 5 drives. The data is streamed to the controller at speeds approaching the bus limit, and the controller fans out the load to individual drives without any system overhead.

I don't believe data-guarding (mirroring or parity) is warranted in this case. A workstation does not need 24/7 uptime, and I doubt the application would be able to "pick-up" where it left off if a fatal error occurs. Plus one would expect the products of this process to be backed up immediately to another medium, rather than left on harddisks.

Actually, the Microsoft Intellimouse works very nicely under Linux/XFree86. I recently used one on a Netfinity at work because i knew it could be used as a three-button mouse, and it was handy. To my pleasant surprise, i found out that the wheel also moves an xterm scrollbar! What a great feature!

I think Linux is an excellent match for a place like the Army as they have tons of resourc3es to maintain their own internal code fork to fit their own internal needs in the most reliable way. Not to mention that internal expertise on the OS would make important defense systems easier to fix and extend in times of crisis. OTOH, nothing disturbs me more than using Intel based machines for such a venture.

Intel is nice and all for toys. But even imagining an Intel based machine in the hands of an Army programmer who needs to fix code or people die, really scares me. I've used a lot of Intel based machines in my life, and almost all of them were crap compared to their custom-built UNIX counterparts. Their components fail far too often, their archetecture is woefully un-scalable, the interchangable parts of a PC make it hard to get an effecient system case for cooling or for ease of maintenance, they make poor use of space, they're ugly, and their build quality is sad at best. Incedentally most of this isn't Intel's fault, it's just the way the crumby boxes are designed. They sure are cheap though.

I use a number of Tulip cards, but I've had a hell of a time getting the things to stick on 100 instead of 10. Maybe it is just my 10/100 switch, but the Windows machine on my network is the only one that will consistently hold 100.

Has this problem been solved? I haven't checked in over a month, but last time I did I pulled down the latest driver, read the FAQs, recompiled, etc... I still can't get anything but 10 reliably, and when I do get 100, I get so many lost packets that anything more than a telnet or SSH session will die on me.

Interestingly enough, my laptop with a 10/100 3Com card comes up 100 every time. Although RH 6.1's netconfig dumps core each time I use it, it still brings the card up just fine.

The business of the Army is to protect your rights to anonymity (posting as an AC), and free speach (posting as an AC), and liberal technology use (posting as an AC), and maintaining the US in a position that allows you to have an enjoyable standard of living (posting as an AC).

Their presence, and successful killing of people who would otherwise be running your life, is what provides for your right to choose to be a pacifist. Their existence is also what provides for your right to not contribute to their efforts. Were it not for someone standing guard, you might be tortured into providing the desired information against your will.

Being an immigrant, I fully support and appreciate the US armed forces. Thanks to them, dissidents and people with unpopular (non-state-sponsored) views have a chance to be heard. They even have an opportunity to spew their self-righteous opinions without spending more than two seconds thinking about their validity. Their only fear of retribution being that of someone else exercising their own God and Country assured right to free speach and a differing opinion.

The first three companies are pure Linux. The fourth is getting good advice on Linux systems from people in the community.

You absolutely want as little variation on your hardware as possible with these machines. This will up the price of each machine. However, it will also make them easier to maintain, repair, upgrade and find drivers for. The additional expense pays off in the long run, if you are going to deploy thousands of these things. Make this a condition of your contract.

Personally, I say go with ASL, if only because they're nice guys.

NB- I don't work for any of these companies, even (as far as I know) indirectly.

Intel, Sun, Compaq, Apple, even AMD. All make great processors (Pentium, Sparc, alpha, Gwhatever, Athlon...) It's nice to see that you're looking at linux because now you not only have more choices in software, but in hardware too.

my real name is rob. hehe. i love rod stewart for one reason, the song: "if you want my body and you think im sexy". come on how can you not love him. plus he's 'tapped' all those supermodels, to me hes god like.

Looks as if you have a good idea of what you need, or is it what you want? make sure you NEED all that processing power, super-expensive Rambus memory, and ultrafast video card.

I have a feeling this sounds like a storage machine - means you should have a good amount of ram, but regular PC100 or PC133 will work fine. Dual processors? maybe, if you are doing stripeing or mirroring with your disks.

Also don't limit yourself to RedHat - remember redhat is not linux - you can go ahead and look at debian, stormix, mandrake, suse, and the rest for a distribution that fits your needs, or one that just spikes your interest. (I personally like stormix)

if you can get past the windows mentions, look at the god-box and the other boxes over at Ars Technica [ars-technica.com]. They have some great reccommendations on good value hardware.

Lastly, i saw a few complaints about the 3c905b cards in earlier posts. We religiously use these cards (albiet in windows NT machines) here at work and have had nothing but good experiences with them. I love the 3com and i have a hard time using anything else (execpt if it is free of course:-> )

... If the box is sitting in a concrete bunker, with no wires heading to the outside world, and armed Rangers around the base, this issue isn't that much of an issue.

I really don't think this is a significant matter for machines that are either:

Not required to be particularly secure, or

Are housed in rather secure environments.

It's fair to say that AMD might provide "better bang for the buck;" the insecurity of microcode is, however, something that organizations have been coping with since microcode computers were invented, which likely dates back to the '60s.

As for "You'd never know it," a secure US Army site is likely one of the places to which Intel would be willing to release secrets as to protocols necessary to validate that the microcode hasn't been tampered with, no?

You dont have to agree with the killing people part, but not everyone in the Army is involved in offensive capabilities. They do a lot of basic research, and do a lot of defensive things to allow you to express the opinion you just expressed. The Army employs scores of people who have never shot an enemy or been deployed in a forward area to get rid of an enemy. The Army is almost directly responsible for the first non-soviet artifical satelite. The millitary has been behind countless technical innovations that make your life the way it is, RADAR, plastics, commerical aviation, the Internet etc. Their business is to protect Americans and to protect the American way of life. That does including killing people but it also includes engaging in research to use technology to their advantage, the fruits of which are all around us today.

This is not the US Army's fist implementation of the LINUX operating system. I was lucky enough to field an intelligence analysis tool running LINUX a couple of years ago. It was great fun getting paid to play with LINUX!

This is a difficult argument to counter and one I have been dealing with for a long time. As a West Point graduate, I am often asked why I chose to go in the Army. My answer is usually, "Too complex a question for the time alloted for the answer." However, one of the major deciding factors was studying about Mei Lai in high school. THe majority of people in a South Vietnam village were massacred by US troops. Only one person went to prison: The Platoon Leader. I remembered thinking, "If I had been in his position, that would not have happened." That is why a free thinking computer geek from liberal Massachusetts decided to forgo the college (read party) career he had been looking forward to for most of his life to go through the rigors of military schooling and traiing. I graduated and was an Infantry officer (not a very good one, in retrospect).

After vietnam, the Army was viewed as a dishonorable profession. As a result the army of the 1970's was riddled with problems. It took many years and a shift to a president concerned about the military to fix them.

The fact remains that we will have a military. While it would be wonderful if we could ensure world peace without guns and bombs, it is not going to happen soon. Work towards it, it is a wonderful goal. But understand that in the interim there will be men and women standing guard. If we the American public dedicide to treat the profession as honorable, then honorable men and women will be drawn to it. It is not a fixed thing; the attitude we spread today will directly affect the actions of the military tomorrow. Express your concern about the choices the civlian leaders make when they decide to deploy our troops. But support them men and women who have to make very difficult decisions. In short, ensure the morality of the military lines up with the morality of the people. The Military of the past has made mistakes. It is up to us, all of us, to learn from them.

According to Tom [tomshardware.com] ddram outperforms rambus anyway, due to rambus's inheritantly worse latency. Also if reliability is a concern:-) keep in mind that a slew of Rambus-related problems have dogged the new rambus motherboads/chipsets.

1 - Dump Intel. Not only do the AMD K7 Athlons run faster then Intel CPU's, they also run on a nice EV6 Alpha modified 200mhz FSB motherboard, and I do belive VIA has a chipset for Athlons which allows PC133mhz SDRAM.

2 - Dump the RAMBUS RAM. Get 1 GIG of PC133 SDRAM

3 - The SB 128 might not work well, I'd actually try to find an old SB16 ISA card seeing as you're not doing sound processing, and it'll more then suffice for any other audio requirements you may have.

4 - I hate to bring up the Disto Holy War(tm), but is Red Hat really a good choice? I find it bloated, slow and insecure. Perhaps Slackware or Debian/Corel?

5 - Someone mentioned the 3c905 drivers not being real mature and suggested dumping that for an Intel card, I have to disagree. I've used 3Com NICs, including the 905, in Linux for years and they work perfectly, I wouldn't change that choice.

6 - DVD Drives aren't really supported, you might want to opt out of that for a nice high speed CD-ROM and possibly add a DVD drive later when there is better (any?) support.

7 - That TNT Ultra card I'm not to sure of, I think there is support for it in Mesa, but don't hold me to that, it really depends on what you're going to be using it for, if you're going to be doing lots of 3D graphics I would, unfortunately, opt for the more supported Voodoo 3, if not the TNT Ultra will be fine but you can cut a corner or two on it and get a Matrox G200 which will do just as well.

8 - USB isnt really supported until 2.4.x, although you kindof get USB ports thrown in free on every motherboard these days.

2. dual ATA-66: Why, beyond the spectre of universal upgradability, would one want integrated ATA-66 when planning to use the 160/M SCSI interface? Perhaps a less expensive board w/o the ATA-66 controller would be a better choice.

3. 2x USB, serial, parallel: No complaints.

4. Integrated Ultra 160/M and U/W SCSI: Good choice if running the two HD 'standalone'. Perhaps a RAID controller on top of it to handle the data spool instead of the single 36 G drive. The controller and smaller SCSI volumes will probably be more cost-effective in the long run also.

5. 733 PIII: Intel may not be terribly committed to releasing faster chips in the slot 1 variety, now that they're also trying the FCs and PPGAs. If you're counting on a brain transplant down the road, perhaps a quad board with two empty slots would serve you.

6. (storage): A single 9G volume for the root fs and a 36+G volume for data is a fair start, but as mentioned earlier, RAID for the data spool may be more cost-effective in the long run. The DVD drive, well, I'll leave it alone.

7. Viper V770: Go with a Matrox, and a G200 at least. Better Linux support and a better card for the money.

8. 3c905: Go DEC Tulip-based instead. It performs better under Linux, and the driver is excellent.

what is sensible about tax dollars being spent on health care; things have worked fine in the US with no public health care for a great length of time.

Maybe things have worked fine for you, but what about people working in minimum-wage jobs with no company-sponsored health plan? They surely can't afford medical insurance on that whopping $5.25/hr they make. Remember, someone has to cook and fill your order at McDonalds (for instance, not implying you eat specifically at McDonalds).

If I lost my well-paying job with great benefits, and, for some reason, couldn't land another one immediately, I'd like to know that I could get medical help if I needed it, without mortgaging the rest of my life away to the hospital. (Wow, that's an extremely convoluted sentence!)

Try thinking about someone other than yourself every once in a while...

I've used 3Com 905B's and DEC Tulips (the Netgear version) for several years. I found the Tulips to be somewhat better performing, and loads cheaper. Apparently you pay a lot for the 3Com name (2X or more the price of the Tulips).

This seems more like a wishlist for a home PC than a number-cruncher for data analysis. Couple of points to keep in mind when specc'ing hardware for a professional installation (corporate, organizational, or even millitary).

1) Anything you buy today will be hopelessly obsolete in 18 months: that's the PC life-span. Live with it.

2) You will -not- have the time to upgrade these machines. It seems cheaper on paper to swap out video, drives, and motherboards to and from a generic PC. It's not. Factor in: downtime, reconfiguration, getting the new stuff to work, filling out the paperwork for upgrade components, etc, etc, etc. Forklift upgrades are the -only- practical way to run a professional shop. Drive space and RAM should be the only things you touch.

This comes from long personal experience. You can afford the time and effort to screw around with a pieces-parts home machine. It's a whole other story when you are on the company (gov't.) dime.

3) Established, standard components all the way. The bleeding edge is for chumps and loosers and guys with nothing better to do than hack device drivers.

This -includes- OS! Your system vendor should install and support the version of Linux you want to run. No ands ifs or buts.

Bearing these three principles in mind, I would reccomend buying the fastest possible systems you can afford, and go with reliable, mid-range components in standard configurations. Standardization is -key-: bits'n'pieces is no way to run a high-end shop. To achieve this end, talk to VA Research about their Xeons, Penguin Computing about their Athalons, and Microway about their Alphas. Go with their reccomendations, and avoid customizing their standard configurations.

I highly reccomend Alpha hardware for speed, reliability, and compatibility. (Second only to x86) The Alpha/Linux combo has been proven in high-end applications like cinema special effects and weapons engineering supercomputers. (What do you -think- those Beowolfs are used for? Quake servers?)

The faster the system, the longer you have until it obsoletes. Another point in favor of the Alpha. The more vanilla the component, the easier it is to replace in case of failure. Standardize, standardize, standardize!

Just thinking... if you're going to do number crunching, and recording data off it, why not design a Beowulf cluster from the ground up, say four or eight Celeron 500s with 64Mb each(about $500 each without monitor, keyboard, mouse and video card, but with 100Mbps PCI netcard), hooked up to a RAID Level 5, say some 5 25Gb disks, for 100Gb total disk-space, and a 100Mb-full switch, for a grand total of maybe $6000... and you have one helluva of a data crunching machine...

You need to decide how much you want to bleed. These specs use a NEW motherboard chipset (840), a NEW memory architecture (RAMBUS), and a NEW CPU technology (Coppermine). If you want to pursue this technology, do so with your eyes wide open. This stuff is too new to be really stable. There are bound to be gotchas hiding all over the place. Remember that when it comes to computers, Murphy was an optimist.

Consider a Xeon based system if you really need the raw horsepower, but it sounds like you really want maximum I/O. To get that, look at SCSI RAID controlers, or a non-Intel architecture with a decent motherboard I/O bus. Alpha motherboards have 128 (or even 256?) bit buses. Don't get too hung up on CPU; that's seldom the bottleneck on a new system.

* the videocard: If you're only using 2d it's adequate but overkill. A G200 or G400 would likely give better (cleaner) 2D at high resolutions. If however you need opengl accelartion things are ALOT different. Nvidia's TNT driver support is horrible (not performant). I wouldn't count on them (don't want to be an open source zealot, but if the specs are kept closed, you have to always rely on them for drivers) 3DFX actually has the best support for 'other' OS's like BeOS, Mac, Linux,... And the drivers are all open. If you want better peformance/features you might want to go with matrox' g400 - crisp 2D and GLX is pretty performant already. The moment XFree 4.0 comes out there should be G400 drivers VERY soon after.bottom line: get a G400. - or a Voodoo4 when(/if:) they come out.

* cpu/chipset: i see you went for an smp chipset. that's ok. i really like the 840. Just a couple of things to think about: - test one out before you buy a bunch of them. You can't afford mobo flakiness. The 840 is very young and untested. Same goes for the (dual channel) rambus. Maybe you should consider a BX/GX board - you'll also save a bunch of money on memory (1 gig of rambus memory - money must be of no concern). Are these workstations mission critical? Think about that too. If you need uniprocessor boards i'd consider athlons (depending again what you think is most important: performance/cost or maturity) * scsi: I'm not sure if you need this. If you only use one or two harddrives you won't notice much performance gain. If you absolutely need to blow some money, by all means do. OTOH, if you intend to often use more than 3 harddrives/devices on the bus at thesame time, like in raid configurations or heavy duty workstation stuff, or you need to attach plenty of devices to your chain (scsi zip/cd/writer/dvd/scanner/harddrives/...) you might get good use out of scsi.

btw: are you sure the Adaptec ultra 160/m is already supported under linux??

With respect to the processor of choice, I see no real reason not to get an AMD instead of an Intel if the price is right and the speed is sensible

Absolutely. I've had lots of problems with AMD CPUs and VIA chipsets under Windows but Linux doesn't seem to have any problems with them at all - despite the conventional wisdom that Linux stresses the system harder.

Consciousness is not what it thinks it is Thought exists only as an abstraction

Alphas offer better performance than Intel, plus they are 64-bit. If you are tossing around GB of data the ability to directly address very large amounts of memory is going to matter. Linux on Intel today is able to handle 2-4 GB of RAM (depending on patches) but you can't address all of that. (You can map it - which is what databases want to do with it.) Likewise 2.4 extends that to 64 GB, but you cannot address it all.

Another benefit is security. Look at the LinuxPPC test. Even without their fixing a known hole, nobody could break in for a long time because you have to write assembler for the PowerPC chip which few people know. Alphas are not Intel, and that could well work to their advantage...

Another thing to watch out for is that RAMBUS RAM is 5x or more to that of standard SDRAM/SGRAM prices. Tom's Hardware did a review of a new DDR board by Micron (called the Samurai) that shows equal promise with much less expensive RAM. unfortunately it is not available yet...but I have heard that the potential for US Gov. funding tends to make prjects "move faster":). The review is here [tomshardware.com] There is a discussion of what DDR means at the link. This still doesn't get you away from the Intel chips though. Hopefully with luck someone else will pick this up for the Athlon before long. (I drool at the thought of a DDR Kryotech K7...)

Just my opinion, but these specs seem rather simplistic and inconsistent with the stated purpose of the systems. If you're doing heavy number-crunching and then working with the results to generate human-readable/graphical representations of the data, you're looking at two classes of activity for which you should separate and optimize the system designs. To be more specific, you don't need any sound card, dvd capability, or high-end graphics adapter on a number cruncher, but you need good keyboards, graphics, and the like for the workstations. A lot of thought probably went into the config and purchase of the SGIs; you should do the same here.

So... I would recommend a more radical solution for the number crunching -- perhaps a cluster of systems running Beowolf. In such a config, the need for dual-processor machines is mostly negated, and with the cost savings (switching to common motherboards, processors, and memory) you can cover the extra network cards, ethernet switch, and put in several more single-processor nodes. The Athlon-700 is an ideal processor in this configuration, providing much more bang for the buck, and potentially provides a cheap path into higher-power SlotA processors. Unless your stuff runs entirely in memory, Rambus won't get you much as opposed to PC100/133, don't waste the money. Stick with a 100m Tulip-based ethernet card or three. And for storage, I'd spend some time designing a screamingly fast solution -- maybe you can good use of your existing SGI systems to host a large array (20 or 30 9gb striped scsi drives in a fiber-linked array, a la the Sun SSA114 or whatever SGI's equivalent is.)

For the workstations, I'd agree with the config pretty much as stated, except that I question the necessity of the entertainment components. If workstation processing power is really such an issue that you really need dual cpus, don't run media apps that hork cpu cycles. Buy a Rio, and watch the DVDs at home.

(Of course, now that I think of it, watching DVDs on your new Linux-based system would make the US Army a co-defendant in the recent decss suit... Hey, why doncha leave that in the config...:)

I've noticed a lot of people saying to skip the DVD drive since these are production machines, not there for gaming/movie watching, and DVD support under linux isn't great yet. I agreed with this for a while, then had a thought. Perhaps the Army is being forward thinking here. DVD writer support is already in the works, or exists IIRC. No, its not cheap, yet.

Just like CD, DVD will become a very viable method of storing large volumes of data. In that case, these machines won't have to be retrofitted for DVD at a later point. Given the current price of a 10x DVD drive with 40x CD-Rom support, as opposed to a plain 50x 40x CD-Rom, there isn't much reason they shouldn't go ahead and get it now as part of the package deal, have it installed, and ready to go when the need it in a year or two.

This is plain paranoia. There's no way changes in the microcode could represent a security threat: it's DoS at worse. Something as low-level as microcode has no way of knowing what's going on inside the computer, or draw any useful information from what it sees, let alone communicate it outside.

In any case, loading the microcode, on the Pentium processors, can only take place in real mode (virtual 8086 mode won't do it). Linux runs in protected mode. (Of course, we only have Intel's word on the subject.)

You can also imagine a backdoored network card that occasionally sends a special ethernet frame containing a random page of your physical memory.

If you want to be that paranoid, you can also imagine that there's a back door in gcc. I suggest you read Ken Thompson's excellent Turing Award lecture on the subject, Reflections on Trusting Trust [acm.org].

Yes, I would agree with Mylex over Adaptec. However, since I'm not footing the bill I would have to consider the Compaq SMART2. I've seen Smart 2SL controllers go for around $500 now.

I use several SMP machines for raw processing power that are constantly looking at a fast data stream and performing calculations. The data is written to the hard disk in 2GB compressed files which are processed FIFO. Each 2GB file is broken down into 4 512MB pieces (one per processer) and filters begin breaking them down further by frequency range which adds up to a lot of disk access. Total data examined is around 70GB a day. The Smart2 controller is used to stripe the array (redundant or not) which adds a lot of speed. The systems operate 24 hours a day with constant disk access, so if your process writes a lot of temporary files or requires a lot of disk access for any reason, I would consider SMART2 (2SL, 3200, or 221). Support under Linux is superb. Mylex also makes a DAC960-based controller but I have no experience with those boards.

I guess the real question that needs to be asked first is WHEN you intend to purchase these systems? If you are aiming at using cutting edge technology but don't intend to roll out for 6 months, these systems will be old hat by the time you get them out the door.

Things to note:

DrivesIf you are doing lots of data collection, make sure that you use decent spec drives and controllers, and that where you collect your data is on a totally seperate controller or channel from the main system drive(s). I'd look at a RAID controller (64 Bit PCI?) to provide a RAID striped solution to reduce disk rotational latency (not to improve data protection) and using a few smaller, faster disks. Don't use too many disks to allow for future expansion while maintaining speed. The idea is to dump the data to the drive as fast as possible. Look at the Alphas and their 64 bit PCI buses. (This is also apparently going to appear in the Athlons, so keep an eye on that). There are also Intel's that have 64 bit PCI buses, though they are no where near as common, and I have no idea how well they are supported under Linux.

CPU'sDual/Multi-CPU Athlons are round the corner. They will have much more bang for the buck than Multi-CPU Intels, especially with FPU bound applications. Also remember that while the Intel CPU's all SHARE the FSB, the Athlons each have a dedicated path from chipset to CPU, which could avoid a very problematic bottleneck if you are doing lots of data crunching. Note: I'd also wait for the Athlon's with Integrated Cache on-chip, as this will drastically improve performance with large amounts of data.

VideoIf you're looking at using OpenGL to render data visually (which is what I assume you've been doing on the SGI's), then I'd suggest to wait for XFree 4.0 which is also "just around the corner". The TNT2 Chip from Riva is very well supported, and is definately up there in the performance stakes. It is also not swamped with problems like the G-Force (NV10). You might also look at hardware OpenGL cards, as there are a number that are supported under Linux.

SoundIf you are using sound a lot, (eg: for audio data capture) then you will want to talk to the people who wrote the drivers, or at least Alan Cox. Figure out what card provides the services you need with the least CPU cycles. Go with this, don't go with something generic simply because it's cheap. Weigh up the differences. Also beware of older SB PCI-128's, as there is a lot of stock out there that are rebadged Ensonique's (who Creative bought, and effectively designed the PCI-128) that can cause problems. I've also noticed that SB PCI-128's have a large failure rate (my work PC here has one that just makes burbling sounds instead of music).

Whatever you do, if you are aiming at cutting edge, get an idea of your time frame, and work to what will be available then. Trim the edges, but don't trim too much, particularly if you want systems that will perform exceedingly well in the future, and remain upgradable. This is the mistake I see every government department make around the world. They change something they believe isn't as important, and by changing one small part in the system, they effectively cripple the system performance.

Or someone who begins or ends their post with something like "I know someone is going to moderate me down because of my unorthodox position [boo hoo, boo hoo]... but I do not beleive in conformity so, therefore, I will speak my mind!" even though the rest of their post is a lot of rubbish.

Seriously, I have known people that squeezed extra performance out of certain types of parallel calculations by having them done on the video-card. That facility was supposed to be there for preparing a new screen while the old was still displayed, but video cards are better suited to massively parallel calculations than standard CPUs are...

So data processing might indeed benefit from having lots of video memory, even if you are not displaying anything.

Two items I can see that I would configure differently right off the bat.

Mouse -- I'd pick a Logitech Mouseman 3-button mouse. Much better for X usage than a two button mouse like the one they have selected.

Ethernet card -- I'd pick an inexpensive Tulip (or PNIC) based card like the Bay Networks Netgear FA310TX, the LinkSys EtherFast 10/100 PNIC based card or the D-Link DFE500-TX. Not only are they cheaper, they are faster than the lackluster 3C905B according to what I've read.

Other than that, about the only thing major I would do differently is I'd seriously consider AMD CPU's.

Finally, this is MILSPEC we're dealing with. MILSPEC leaves absolutely nothing to chance. That is why you see such unimportant information as UDMA66 and the Intellimouse in the spec list. Why was it specified? Because it could be. The military is quite anal about things like that, and whether it's liked or not, everyone in the system has to play that game.

The problem is that government procurements over X dollars are put out for competitive bidding, unless you can write a convincing sole source justification. Anything that isn't fully specified is an opportunity for a sleazy vendor to substitite some cheap piece of crap or to omit the feature. Some vendors will try to slip in obsolete or substandard hardware in order to clean out the junk from their warehouse and to make a few extra bucks. After being burned a few times, you learn how to write a specification that straitjackets the vendor into delivering what you want.

It would be a good idea to consider the AMD Athlon [amd.com] platform for these systems. I say this because of the much higher (200Mhz) external bandwidth and better bus handling. This allows for faster multi-CPU support and better processing speeds for large data objects in RAM (as opposed to the slower i840 bus and memory support).

As the Army is not simply pushing large amounts of memory around (such as for DVD or 3D gaming textures), but rather dealing with huge numbers of pieces of RAM, PC-133 (and its decendants) provide much better access times than RAMBUS does.

The Athlon's use of Digital's (now Compaq's) EV6 bus is a huge step in the right direction for processing large amounts of data and sharing that data between processors, memory and PCI cards.

We're talking about large data-set crunching. This isn't data that'll fit in the cache, so we need to pull it into the CPU quickly, right? Are we assuming that large amounts of data will be processed sequientially or that they'll be accessing from various parts of RAM randomly (like most data processing solutions... that aren't Video)?

For the later, use SDRAM or DDRDRAM.

PS, I wouldn't mind if someone built a quick memory benchmark test to run as a user app and see how fast each memory system is for large dataset manipulations, WITH kernel services running (swap, cache, etc.... multithreading has to be accounted for here).

As with Bruce Schneider's recent presentations in various fora on "Attack Trees," a vulnerability such as "rewriting microcode" needs to be put into proper focus within the context of the natures of plausible attacks, and the relative costs thereof.

This is a game, in that attacker and defender both can construct decision trees for analysis, and treat this as a minimax problem in order to establish the most fruitful attacks and defenses.

I suppose it's difficult to be certain without running through the minimax problem, but I don't think that "vulnerability to rewriting microcode" will rank terribly high on the list.

After all, it's likely that reprogramming microcode represents something that you'd have to be in supervisor mode to do, e.g. having your code running in Ring 0.

The thing is, once the attacker's code is there in Ring 0, they've already won.

Being in Ring 0 (or an equivalent thereof) means that your process can do practically anything.

I think that's enough of an analytical result right there to establish that a "microcode attack" isn't going to be terribly feasible, as it's an attack that implies that security has already been fairly irretrievably breached.

Consider making this concrete on Linux.

If IA-64 allows user mode ( e.g. "Ring higher than 0") code to hit on the microcode engine that controls what happens in supervisor mode, THIS IS INDEED A SPECTACULAR BREACH. I can't believe that Intel could possibly be that stupid. IA-32 may be a very ugly hacked up design for many reasons; it is not a stupid design in that way.

If, on the other hand, only code in "Ring 0," e.g. kernel code, can modify microcode, then this is no worse an issue than the issues we already have with the need to trust and secure the code that runs in the kernel.

This post comes late in this discussion, and as such I have no guarantees that you'll end up seeing this message. However, your group has made a decidedly honorable request to Slashdot, so I'll take my chances and provide you with some commentary on your acquisition plan:

You're dooming yourself to, at best! Abit motherboards. It's tragic, but while Abit motherboards make for excellent gaming machines, they're simply not of Asus caliber. I'm dead serious: Recently, my friends and I spent upwards of 50 hours combined trying to get Linux to work with an Asus BH6 and a large Maxtor UDMA-66 drive. The number of incompatibilies and instabilities I encountered was pretty much the worst experience I've had with off the shelf stuff, bar none.

The Asus just worked, and has been rock solid for me ever since.

In any system you build, reliability is far more important than speed, and if you poke around you'll find far, far, far fewer horror stories referencing Asus motherboards than any other brand. The reason is simple--if they can't do a technology right, they won't do it at all. Asus has not yet released a motherboard with integrated UDMA-66 for this reason, and they're pretty much the hardware company I respect the most because of it.

If Asus hasn't released a RIMM supporting Mobo(they may have, I don't know), there's a reason.

CPUwise, has Asus given in on releasing a K7 mobo yet? Last I checked, Intel was playing off people like me who won't get a motherboard unless Asus makes it by threatening Asus with extreme price increases if they supported AMD's chips. Nasty stuff.

SCSI on the motherboard is unnecessary, and you're risking greater downtime through the loss of replaceable components. A spurious shock through the SCSI line can (rarely, but possibly) short out your SCSI bus. Replacing a card is a hell of alot less downtime than replacing the system's motherboard!

Furthermore, it sounds like you plan to store quite a bit of content on this machine--I'd be interested in your design justifications for two, drastically different sized hard drives. Considering the amount of storage you're planning to use, I'm wondering if you shouldn't spec out using Hardware RAID-5 w/ three 36GB drives. That would give you much more aggregate transfer speed, as well as hot-swappable reliability(you'd be able to lose any single drive yet not lose a byte of data). While I understand RAID-5 is much more of a server technology than one you'd expect on a workstation, your workstation has been spec'd with server level design considerations and I can't imagine why the storage solution should be any less professional.

Diskwise, I've heard good things about IBM(who invented GMR, the technique a good chunk of the industry depends on for the kind of high density platters we know and love) and Seagate. I'd at minimum specify a range of brands you'd accept for the hard drive--remember, moving parts = more likely to die.

Networking: 3Com 3C905B-TX ethernet card (PCI)

(Disclaimer: I work for Cisco, but this advice long predates my employment there.)

Get a Tulip(DEC 21440 or Compaq-Purchase Remarked Equivalent) based card. Yes, they're inexpensive, but Beowulf code was originally developed on Tulip equipped clusters of machines. As such, Don Becker has optimized their drivers to an absolutely ridiculous degree, and there are several kernel networking settings that are just not easily available for any other architecture. (I believe the Intel cards have some of the fast routing code ported to them.)

In general, Tulips are pretty much the network cards to standardize on, no matter what your operating system.

Video's OK, I'd suggest something by Diamond based on nVidia's new GeForce256 processor with reservations that I haven't looked into their Linux 2D/3D performance yet. The GeForce256 is a specific model that's likely to end up very well supported, due to its extensive Christmas sales and ostensible inclusion in MS's coming X-Box. (3D Visualization hardware is now completely driven by gamers. Remember when gamers used to get the sims from the Army?;-)

Sound: Go SB-Live. The Linux drivers for it are excellently stable, the card has digital I/O, and the chipset is likely to become an immensely powerful programmable DSP in the near future. The card also has an excellent noise floor--a striking improvement over the rest of the historically noisy Sound Blaster line.

Specify the four point cambridge soundworks speakers, if you can. One thing you forgot is a microphone! You need one short range, noise/echo cancelling, unidirectional mic that gets mounted on the monitor. You need one long range "speakerphone" omnidirectional mic for conference-over-IP sessions. Both mikes(and probably all sound in general) need to be hooked through an A/V box that defaults to physically separating the microphones from the mic port on the sound card. It's great to be able to use data links as emergency/impromptu voice channels, but you don't want an adversary to use your computer as a listening post!

300W or greater power supply

Ah, power. Hot-swappable power? Not inconceivable, though we're starting to really push the separation between Workstationa and Server with one of those;-)

Specify a UPS for this machine, preferably one of those "Brick Walls" that can survive direct lightning strikes without sacrificial elements.

The LS-120's are nice if your organization has standardized on them, but that's about it.

Specify a SCSI DVD drive, simply because you'll weed out the "consumers won't need this more the six months" fly by night hardware makers that only work in IDE. Plus, the CPU load of doing anything in IDE is ridiculous--I did a move from one large IDE drive to another...2.5MB/s, 75% CPU on Celeron 450. Ouch.

Another main advantage of a SCSI drive is that it lends itself well to integration with a SCSI CD-Burner. Don't discount these--there's just literally nothing at all better for moving 2 to 650 megs of data from one machine to another, particularly for emergency drop ships. (I built our groupware CD burning page at work for precisely this reason.) I highly suggest the Yamaha 8x SCSI-3 burner--I just bought one, and much like the Asus, it Just Worked.

Even if your system is prebuilt for you, parts that "Just Work" contribute significantly to the long term life of the system as a whole.

Keyboard: Soft-touch keyboard (no keyclick)

Specify the Microsoft Intellikey Pro, *NON ELITE*(with the god awful diamond star arrows). Technically, the thing is actually pretty nice, particularly with its feel, but RSI injuries are real and 2000 is pretty much going to be the year of Lawyers vs. Engineers. This is one less thing for you to worry about.

Warranty: 3 year parts and labor

No long term support contract on the operating system? (RH6.x? You might want to replace this with 'Red Hat Linux, Present Revision') I understand why you'd want this--either your in house talent is that good, or you don't want to be stuck with the random low bid being your support provider too. I'd personally vouch for VA Linux as a provider of enterprise level support--stock price aside, these guys know their stuff. IBM and Linuxcare(who doesn't sell machines, but provides top notch 24x7 support) are also good companies.

Other stuff you didn't mention

Modem: Don't try to depend on everything always being up. In a pinch, you need to be able to interact with analog(radio?) communication lines. Definitely v.90, and if it's internal, it must be a full com port implementation. Internal is preferable(nothing to lose), but it'll be harder to find one that isn't a Winmodem. Do not trust the Winmodem drivers for Linux--see the SB Live driver, before they opened it.

TV Adapter--you may need to output to video for presentations or whatnot. This is entirely dependant on your needs.

Temperature--heat sensors are a very, very good thing.

I hope this content was useful. All I ask in return is that if you end up reading this, you notify me so I know I didn't waste my time picking through your acquisition request(which was overall quite good!).

Do you understand the GPL? If they were to release binaries of modified GPLed programs for public consumption, they'd need to release source. If they either distribute patches in house only, or don't modify existing progs, they'll be fine.

Anything they write to run on Linux doesn't have any restrictions about GPL, because it's not a modification to an existing program (or doesn't have to be) so they can use whatever license they like, if any.

Why not buy top-end equipment? Hell, for an entity that spends 2 billion dollars on a stealth fighter, an extra 50 bucks for a damned sound card makes _absolutely no difference_. It's not like you'll feel it when they take the 1 millionth of a penny out of your paycheck for it. (And please, don't tell me "but those millionths-of-pennies add up!", because I'll tell you to go tell them to stop buying warplanes.)

I'd avoid RIMM memory until it's been proven better over time. If that means using the VIA chipset to run 133 MHz FSB for now, so be it. Or you could use an Athlon, or stick to the tried-and-true BX chipset. But regardless, I'd stick with SDRAM for the next six months or so at least (a year, ideally) - the cost is substantially less, the performance is virtually identical, and it's proven stable. Rambus has had issues so far - the fix for the initial problems with the early i820 chipsets was to eliminate a RIMM slot! That doesn't encourage an early adoption.

Other than that, the specs look good. You may want to look into 3D cards that are optimized for general-purpose 3D rather than gaming, but it'll be fast any way you slice it. As for 128-bit sound, it's not needed, but given how little a good 128-bit sound card costs, why not?

Please provide more info on these ``GPL0 virii'', I'm curious. Does ``GPL0'' refer to operation at ring 0 (like, in the kernel)?

I can quite see that you probably can do many things with the microcode, but what I'm saying is that it's much harder and on the whole far less efficient than using a backdoor in a network card. There's no question that you can do everything, but you are stuck to the neck in a Turing tar-pit.

And, in fact, no, you can't do anything you want. Another instance of this ``computation in hostile environment'' I've been ranting about in Slashdot these past few weeks: it would theoretically be quite possible to have the computer operate on encrypted data, without being able to learn anything useful from the manipulations, even if the OS and the microchip are in enemy hands. Naturally, the encryption and the decryption have to take place elsewhere.

Apart from that, it's all a question of deciding whom you trust, and of trusting Trust itself. The paranoid can even imagine a back door in the laws of physics itself (that some physicist discovers without telling anybody): grounds for a good science fiction, I guess. The compiler may have a back door, that you can't detect without reading the assembly code, that isn't present in the sources, but that inserts itself everytime you recompile the compiler. Maybe every C compiler in the world has such a back door: I don't think anyone ever had the patience of reading the entire assembly output of any C compiler — ever. Maybe it's at an even lower level: maybe the microchips all have a back door in them, and this back door is so subtle that whenever a new microchip is designed (by means of some computer, presumably), the back door in the computer that does the designing will add the back door to the computer being designed.

After all, that is what we are: a self-replicating back door on the surface of the Earth. It took evolution billions of years to design us, but maybe back doors in cyberspace evolve faster.

And, as for K7 + Via, I swore myself away from Via several years ago. I firmly believe that they make the poorest motherboard chipsets that have ever been put on the market.

I have an old Socket 7 VIA board and yes, they are quite bad, slow, etc. I agree with you then, however, things do change in the computer industry very rapidly. Case in point AMD K5's were crappy CPU's not too long ago. I've seen the newer VIA chipsets in action and they're quite nice. They did suck, they were very bad, but now I think they're right up there.

Also the fact that the only part of the chipset VIA changed would be the north bridge to access PC133 SDRAM, it's still mostly the same.

Are there any security issues concerning use of GNOME or KDE due to their network centric nature ?

Yes.

If you are really concerned about this, and in a military environment, particularly a potentially highly assaulted environment, I would get in touch with developers from both GNOME and KDE and question them about what network traffic their respective software responds to.

You can also contact the more "compact" window manager (well, GNOME really isn't a window manager, but it somewhat corresponds to KDE in this context in the same manner. Enlightenment or WindowMaker are Window Managers, and you can use both without GNOME, possibly aleviating any potential issues with networking) writers. AFAIK, BlackBox only has one developer, and a small code base, so it would be relatively easy to not only test it, but fix it.